<?php
session_start();

if (isset($_SESSION['username'])){
	echo json_encode(false);
	exit;
}
if (!isset($_POST['username']) || !isset($_POST['password'])){
	echo json_encode(false);
	exit;
}

require_once("../db.php");

$db = getDBResource();
			
$sUsername = mysql_real_escape_string($_POST['username']);
$sPassHash = sha1(mysql_real_escape_string($_POST['password']));

$rQuery = mysql_query("SELECT user.id FROM user WHERE username = \"".$sUsername."\" AND password = \"".$sPassHash."\"");

$iCount = mysql_num_rows($rQuery);

if ($iCount != 1) {
	echo json_encode(false);
	exit;
} else {
	$_SESSION['username'] = $sUsername;
	$_SESSION['uid'] = mysql_result($rQuery,0,0);
	
	echo json_encode(true);
	exit;
}
?>